Page 17 - 23_EETE_03
P. 17

EE|Times EUROPE   17



         EMBEDDED WORLD 2023: SECURITY FOCUS
        Hardware-Based Design Approach for


        Smart-Home IoT Security


        By Saumitra Jagdale






























              he internet of things has caused a   The engineer’s challenge is to consider security and privacy
              paradigm shift in the way devices   requirements when designing smart-home systems.
              communicate. Continuous monitor-
        T ing and remote control of activities
        that were previously performed manually has   And the devices are often located in easily   a series of devices to fit different markets
        reduced human effort as well as human errors.  accessible locations and therefore are vulner-  according to requirements from different
          The IoT-driven automation trend extends   able to tampering.          industries,” Crespo said. “While the core
        to households. MarketsandMarkets is   Conventional cryptographic solutions are   device remains the same, customized security
        forecasting European smart-home market   implemented using secret keys that are allot-  features are added based on smart-home
        growth at a CAGR of 9.0% over five years, from   ted to devices. It is assumed that these secret   applications and industrial applications.”
        US$26.7 billion in 2022 to US$41.2 billion   keys are stored by the device and remain
        by 2027 (bit.ly/3xcRnYS). To safeguard smart   unknown to the attacker. But being in an   HARDWARE ROOT OF TRUST
        homes and their occupants from the poten-  easily accessible location makes smart-home   A hardware root of trust (RoT) is a physical,
        tially hazardous consequences of a cyber or   devices prone to physical attacks, side-   immutable and tamperproof cryptographic
        physical attack, security is a requirement in   channel attacks, invasive and semi-invasive   key that is burned into the silicon and verified
        any IoT system for home use, especially for   attacks and even viruses that can expose the   every time a system is booted. These keys can-
        authentication of the connected devices.  key and lead to a security break.  not be erased and are verified by the on-board
                                              “There are multiple threats to individu-  chip to ensure no malware is booted in place
        SMART-HOME IoT SECURITY DESIGN      als and industries in terms of security and   of the BIOS or firmware.
        CHALLENGES                          privacy: For individuals, the major threat   A silicon-based hardware RoT can be
        As the number of IoT devices continues to   is [to] private data, and for industries and   fixed-function or programmable. Fixed-
        grow, the potential for cyberattacks increases.   smart environments, the threat is the denial   function RoT devices are compact state
        Traditional computer systems and network   of services,” Thierry Crespo, STM32 security   machines that perform tasks like data
        equipment have long been vulnerable to   marketing manager at STMicroelectronics,   encryption, certificate validation and key
        cyberthreats, but now, everyday devices like   said in an interview with EE Times Europe.   management. Programmable RoT devices
        home security cameras, door locks, thermo-  “In smart-home systems, because all devices   are built around the CPU and are more
        stats and even appliances have become easy   including smartphones are connected to the   advanced than fixed-function solutions. The
        targets for cyberattackers.         internet, getting access to these devices has   programmable hardware can accommodate
       IMAGE: SHUTTERSTOCK  both security and privacy requirements into   security and privacy of individuals.”  new cryptographic algorithms and secure
                                                                                more complex functions that can run entirely
                                            become easier. This is a major threat to the
          The challenge for engineers is to take
                                              STMicroelectronics offers various protec-
                                                                                applications to meet evolving attack vectors.
        account when designing smart-home systems.
                                                                                Because the fixed-function devices cannot be
        Compounding the difficulty is that IoT sys-
                                            tion measures under its STM32Trust strategy
        tems in homes don’t have a lot of memory or
                                            to enhance security in products based on
                                                                                upgraded to adapt to newer threats, chip-
                                                                                makers like STMicroelectronics are shifting
        processing power, so high-end software-based
                                            STM32 microcontrollers and microprocessors.
        security systems cannot be deployed on them.
                                                                                toward programmable RoT hardware.
                                            “Today, under the STM32Trust, we provide
                                                                                      www.eetimes.eu | MARCH 2023
   12   13   14   15   16   17   18   19   20   21   22